Analysis

  • max time kernel
    19s
  • max time network
    31s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
  • submitted
    01-12-2022 10:25

General

  • Target

    7ad6db34e29b10bd7a947a8efe0b4cfabb89adb7117aaead73c907b30db73c0a.exe

  • Size

    112KB

  • MD5

    9da150d064654988b4082bdf1fb6a330

  • SHA1

    9030fbab18bb67e401209fe38cf18017b3d40fac

  • SHA256

    7ad6db34e29b10bd7a947a8efe0b4cfabb89adb7117aaead73c907b30db73c0a

  • SHA512

    ceef55a073165faa89df52cd441b83faaff903259587d0824352c299dc716af3aa0f532a3adc79a4e364853bf5863cb426629c9b6b51cfe293cc51efcb40df6a

  • SSDEEP

    3072:5YB+ihEN787KiX6M6hHH7oeqYEifklPaT8wiqceh:5uBh09dM6h8YE2klPn+ceh

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7ad6db34e29b10bd7a947a8efe0b4cfabb89adb7117aaead73c907b30db73c0a.exe
    "C:\Users\Admin\AppData\Local\Temp\7ad6db34e29b10bd7a947a8efe0b4cfabb89adb7117aaead73c907b30db73c0a.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:952
    • C:\Windows\SysWOW64\cmd.exe
      cmd.exe /c C:\Users\Admin\AppData\Local\Temp\bt6883.bat
      2⤵
        PID:1712

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\bt6883.bat

    Filesize

    4KB

    MD5

    e442c88a3a6fccd1446b4f185e3cb6c8

    SHA1

    577a1042cc9bd473812141057ab750cc3a36d8e6

    SHA256

    182a1a5d553f61f7ede538e9c3fa7503540f3a931feeba6760faddcef459e539

    SHA512

    90c3e41e676c4c8e76bc8c6c1176e5b9c133fa47e0fe8a8e9e1004036124e584dd938f25765039e718cbbe938a439c33ac7b00298693ff54ab327aa12764627d

  • memory/952-56-0x0000000000400000-0x0000000000430000-memory.dmp

    Filesize

    192KB

  • memory/1712-54-0x0000000000000000-mapping.dmp